5 Famous Cybersecurity Breaches: What Went Wrong and How to Avoid a Similar Fate

Let’s face it, it’s been a scary year in data security for many organizations and companies, not to mention their customers. From 2016 continuing into 2017, cyber hackers have shown the extent of their capabilities by using malware to take big businesses offline, hacking the government and political parties, and even targeting individuals.

Here’s a review of some of the biggest cybersecurity breaches at top organizations in recent years. We’ll take a look at what went wrong and refer you to the cybersecurity keynote speaker who can help your organization avoid a similar fate.

Neiman Marcus

Information storage hack and credit card fraud

In 2014, retailer Neiman Marcus suffered a cybersecurity attack in which the hackers accessed the company’s customer credit card records. In rifling through the database, the hackers set off nearly 60,000 alerts notifying the retailer of questionable activity, but the retailer didn’t pay much attention. For eight months, the hackers were able to access information from hacked cash registers. It was estimated that between 350,000 cards were in danger and about $9,000 had been used fraudulently.

Lesson: Be vigilant. Don’t ignore red flags that signal the possibility of a cyber breach.  

Speaker: Robert Herjavec, entrepreneur and Shark Tank panelist, recently launched The Herjavec Group, a cybersecurity solutions service that specializes in information security. The Herjavec Group is recognized as a leader in cybersecurity and one of the fastest growing technology companies in the nation.


Sony

Retaliatory steal, wipe, and release of data

Also in 2014, Sony fell victim to a massive data security breach. Hackers not only erased data from Sony systems, but also stole and posted online unreleased movies, sensitive company documents, and customer and employee information, including social security numbers, medical records, and even private, sometimes embarrassing, communications. The exact identity of the hackers is unclear, but the motive behind the hack is believed to have been retaliation for Sony’s film The Interview, a Seth Rogen and James Franco comedy about a CIA plot to kill North Korean leader Kim Jong-Un. It is likely that the Sony hack resulted from phishing emails and antivirus programs that were not capable of detecting the hackers’ malware.

Lesson: Ask your employer’s HR department how any data the firm stores about you is protected, and seek data protection assurances from businesses with which you do business. An ounce of prevention may be worth many gallons of cure.

Speaker: Hugh Thompson is Chief Technology Officer and Senior Vice President at Blue Coat, a hardware and software provider for cybersecurity management. A seasoned cybersecurity keynote speaker, Hugh takes a unique human-centric approach to cybersecurity, asking us to consider how the victim of a cybersecurity hack is affected after the attack, and how these individuals can protect themselves moving forward.


Democratic National Committee

Cyber espionage and email hack through spear phishing

In late 2016, hackers released nearly 20,000 emails stolen from the servers of the Democratic National Committee (DNC) that were subsequently published by WikiLeaks. The hack also included donors’ personal information, such as credit card and social security numbers. One email even contained a picture of a check for $150,000. While the identity of the hacker is still hotly debated, it is clear that the email server was likely hacked through spear phishing—emails that appear to be sent from a personal acquaintance or a respectable business that bait you into sharing confidential information. The spear phishing hacker thrives on familiarity. They know your name, your email address, and a little bit about your friends/colleagues or maybe a recent purchase that you made.

Lesson: Make it a priority to train employees on how to recognize malicious emails and provide them with strategies to avoid spear phishing emails that can be harder to detect. Also, and this should be obvious, don’t email photos of checks. America’s check payment network allows anyone to withdraw money from anyone else’s account with only the routing number.

Speaker: Adam Levin is the founder of CyberScout (formerly IDT911). He is a nationally recognized expert on security, privacy, identity theft, fraud, and personal finance. Levin is also the author of the Amazon Bestseller Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves. There is also former FBI agent Eric O’Neill, who leads The Georgetown Group, an investigative and security agency, where he tackles issues of economic espionage, counterintelligence, and cybersecurity penetrations. Eric advises that the weakest link in every security system is not a computer but a human.


Yahoo

Data storage breach of sensitive customer information

Yahoo makes the list twice because it experienced two major breaches within the span of a year. In September 2016, Yahoo revealed that 500 million user accounts had been hacked in 2014. Later that year, in December, Yahoo dropped another bombshell, announcing that a different cyber attack in 2013 compromised more than 1 billion accounts. The two breaches are the largest known security breaches of a single company’s computer network. The hack involved user information, including names, telephone numbers, dates of birth, encrypted passwords, and encrypted security questions that could be used to reset a password. Critics say the company was slow to adopt aggressive security measures, but today Yahoo is making cybersecurity prevention and training a part of its business model.

Lesson: Make cybersecurity information sessions and briefings part of your internal effort to promote a security culture. For large organizations, hiring a risk management executive to focus on security is a good idea. Yahoo hired a risk management leader whose sole job is to develop Yahoo’s information management and security program.

Speaker: Bryan Seely is a world-famous cybersecurity expert, author, and former U.S. Marine. He is known for intercepting calls to the United States Secret Service and FBI by hacking Google Maps in early 2014. Today Bryan uses his powers for good. He is an ethical hacker and helps companies like LinkedIn find and resolve weak security points in their cyber infrastructure. Who better to help you prevent a data hack than a former hacker?

Your company may or may not have data that is as sensitive as that of Yahoo, Neiman Marcus, or the DNC; however, once information has been stolen, it is virtually impossible to “unsteal” it. A cyber hack can be catastrophic to any organization. According to the National Security Alliance, about 20% of small businesses are cyber attacked, with 60% of the victims having to shut down their business less than 6 months after the attack.

So be vigilant. One of the best ways to avoid a cybersecurity breach at your company is to make sure employees are well informed of cyber risks—and the ways to avoid them.

The content writers at BigSpeak Speakers Bureau are Experts on the Experts. They hold doctoral, master’s, and bachelor’s degrees in business, writing, literature, and education. Their business thought pieces are published regularly in leading business publications. Working in close association with the top business, entrepreneur, and motivational speakers, BigSpeak content writers are at the forefront of industry trends and research.